Hi!
I want to log failed authentication requests due to a wrong password
(wrong response), but I do not want to log failed authentication
requests due to a stale nonce.
Is there a way to differ this 2 situations? MAybe are there different
return values from proxy_authorize?
regards
klaus
--
Klaus Darilion
nic.at
Hi.
I saw the example script of openser.cfg for 'call forwarding'.
Are other SIP supplementary services possible with OpenSER, by script?
(call parking, call pickup, hold, conference, etc...)
If it is possible, how can I get these script files?
thanks
새로운 기부문화의 씨앗, 해피빈
>> I guess you are forwarding the INVITE to the gateway using t_relay.
>> Thus, you forward statefully by creating a transaction inside openser's
>> tm module. Thus, for the transaction to complete, the tm module also has
>> to see the ACK. Thus, you have to t_relay the ACK too.
Thanks Klaus, that's what I've been doing. The thing that prompted me
to email was a Grandstream phone that about 80% of the time will cause
openser1.1.0 to go in a loop, blasting the ACK around internally,
coming in the top of route[0] and subsequently being t_relayed() until
I get too many hops.
This is all internal, no packets are generated on the ethernet
interface.
I've looked at the ACK the Grandstream sends back and compared it
to the ACK I get from a Linksys and they are almost identical.
The only difference is the Linksys puts the port number on the
ACK and To: like this:
ACK sip:18005551212@openser.example.com:5060 SIP/2.0
To: <sip:18005551212@openser.example.com:5060>;tag=foo-9235
while the Grandstream doesn't mention the port:
ACK sip:18005551212@openser.example.com SIP/2.0
To: <sip:18005551212@openser.example.com>;tag=foo-055c
Even if the solution is to upgrade to 1.2.0 (which I'm going to do),
if this was a known problem then I'ld appreciate hearing that.
Thanks,
-mark
Hello,
First of all congratulations to everyone involved in the new release. I
haven't been able to get my hands on it yet, but just reading about it
makes me very excited. Great job!
I would like to address the issue of Openser and Oracle working
together. We are currently using Openser with a local MySQL. Our main
database is Oracle and we are just copying data to MySQL so that Openser
can work. This is a little difficult to maintain so I thought I would
try to make Openser use directly our Oracle. Of course I ran into a
number of issues.
1. modules/acc and unixodbc. The acc_db_request() was not working
because inserting a string in a date column does not work with Oracle.
So, I had to change functions time2str() and time2odbc() in order to
make this work. Also had to change acc.c to treat column time as DB_TIME
instead of DB_STR (I think this could be treated as a bug).
2. modules/lcr. The query uses char_length() and rand() which I had to
replace with lengthc() and dbms_random.value. Should these be modules
params?
3. modules/avpops. All issues were resolved by config changes and
replacing avp_db_load() with avp_db_query().
4. modules/auth_db, alias_db, uri_db, group. Since MySQL is case
insensitive and Oracle is not, I made changes in the code to use
raw_query() instead of query(). All queries have to be in the form
"select ... from ... where username=upper(...)"
I would be happy to provide patches and help in any way in order to make
this migration easier in the future. However I am not sure whether my
changes are general enough for everybody to use. So, do you have any
suggestions about how to deal with these issues?
Another issue that came up is the number of connections from Openser to
the database. In our case, listening to five interfaces, with tcp
disabled and children=5, we get 28 connections to DB which is a great
waste of resources. From those five interfaces, one is receiving the
bulk of traffic and the rest receive minimal traffic. Since each child
has its own connection, then what is the purpose of connection pooling?
How difficult would it be to have a common connection pool for all
children?
sorry for the long email and thank you in advance for any answer.
George
Disclaimer
The information in this e-mail and any attachments is confidential. It is intended solely for the attention and use of the named addressee(s). If you are not the intended recipient, or person responsible for delivering this information to the intended recipient, please notify the sender immediately. Unless you are the intended recipient or his/her representative you are not authorized to, and must not, read, copy, distribute, use or retain this message or any part of it. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses.
Hello,
as call forwarding was a frequently requested feature for the new => 2.0 SER
configuration I recently added this feature to the ser.cfg in the HEAD branch
repository.
As this is a new "feature" I do not plan to add it to the 2.0 stable branch.
But "backporting" should be easy ;-) So please give it a try and let me know
your feedback.
Thanks
Nils
The SIP tutorial by myself and Dorgham Sisalem has been updated and
is available at http://www.iptel.org/sip. Comments to authors are most
welcome.
-jiri
--
Jiri Kuthan http://iptel.org/~jiri/
Hi,
does anyone know if there are any packages for the dependencies for the
mi_xmlrpc module for RedHat/CentOS?
(Im trying to get this working on my centOS dist)
br
It is uppercase in the code. I am using version 1.1.1 and it is in file
lcr_mod.c, function do_load_gws.
> -----Original Message-----
> From: Henning Westerholt [mailto:henning.westerholt@1und1.de]
> Sent: Wednesday, March 14, 2007 1:54 PM
> To: users(a)openser.org
> Cc: Papadopoulos Georgios
> Subject: Re: [Users] Openser and Oracle
>
> On Wednesday 14 March 2007 11:25, Papadopoulos Georgios wrote:
> > Hello,
> > [..]
> > 2. modules/lcr. The query uses char_length() and rand()
> which I had to
> > replace with lengthc() and dbms_random.value. Should these
> be modules
> > params?
>
> Hello Papadopoulos,
>
> i tried to look up the problem with the mentioned functions
> above. I don't find a char_length() call in the lcr module.
> What version of openser do you use? In what file are the
> problematic calls?
>
> Best regards,
>
> Henning
>
Disclaimer
The information in this e-mail and any attachments is confidential. It is intended solely for the attention and use of the named addressee(s). If you are not the intended recipient, or person responsible for delivering this information to the intended recipient, please notify the sender immediately. Unless you are the intended recipient or his/her representative you are not authorized to, and must not, read, copy, distribute, use or retain this message or any part of it. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses.
What do you mean by "SQL injection"? I know it is not a pretty solution
(especially changing the code) but I cannot think of an alternative.
I can look into SER's oracle module. But that would mean that in the
where clauses all string values should be surounded with "upper". Not a
pretty solution either but it would work I guess.
I briefly saw that Openser 1.2 has string transformations. So could
uppercase and lowercase be included there? I am picturing something like
avp_db_load("$ruri{s.lowercase}", ...)
Of course this would only solve the issue with avpops. In order to solve
the issue with auth_db for example, wouldn't we need new functions?
Any comments about the multiple connections to the DB?
> -----Original Message-----
> From: Klaus Darilion [mailto:klaus.mailinglists@pernau.at]
> Sent: Wednesday, March 14, 2007 12:59 PM
> To: Papadopoulos Georgios
> Cc: users(a)openser.org
> Subject: Re: [Users] Openser and Oracle
>
> Papadopoulos Georgios wrote:
> > Hello,
> >
> > First of all congratulations to everyone involved in the
> new release.
> > I haven't been able to get my hands on it yet, but just
> reading about
> > it makes me very excited. Great job!
> >
> > I would like to address the issue of Openser and Oracle working
> > together. We are currently using Openser with a local
> MySQL. Our main
> > database is Oracle and we are just copying data to MySQL so that
> > Openser can work. This is a little difficult to maintain so
> I thought
> > I would try to make Openser use directly our Oracle. Of
> course I ran
> > into a number of issues.
> > 1. modules/acc and unixodbc. The acc_db_request() was not working
> > because inserting a string in a date column does not work
> with Oracle.
> > So, I had to change functions time2str() and time2odbc() in
> order to
> > make this work. Also had to change acc.c to treat column time as
> > DB_TIME instead of DB_STR (I think this could be treated as a bug).
> > 2. modules/lcr. The query uses char_length() and rand()
> which I had to
> > replace with lengthc() and dbms_random.value. Should these
> be modules
> > params?
>
> Hi!
>
> I guess oracle allows the defintion of new function. Then you
> could write the functions char_length() and rand() which
> would be just wrappers to lengthc() and dbms_random.value.
>
> > 3. modules/avpops. All issues were resolved by config changes and
> > replacing avp_db_load() with avp_db_query().
>
> Be careful - raw queries are vulnerable to SQL injection!!!
>
> > 4. modules/auth_db, alias_db, uri_db, group. Since MySQL is case
> > insensitive and Oracle is not, I made changes in the code to use
> > raw_query() instead of query(). All queries have to be in the form
> > "select ... from ... where username=upper(...)"
>
> Again: Be careful - raw queries are vulnerable to SQL injection!!!
> >
> > I would be happy to provide patches and help in any way in order to
> > make this migration easier in the future. However I am not sure
> > whether my changes are general enough for everybody to use.
> So, do you
> > have any suggestions about how to deal with these issues?
>
> There is a oracle module in ser - you could port it to openser ;-)
>
> regards
> klaus
>
> > Another issue that came up is the number of connections
> from Openser
> > to the database. In our case, listening to five interfaces,
> with tcp
> > disabled and children=5, we get 28 connections to DB which
> is a great
> > waste of resources. From those five interfaces, one is
> receiving the
> > bulk of traffic and the rest receive minimal traffic. Since
> each child
> > has its own connection, then what is the purpose of
> connection pooling?
> > How difficult would it be to have a common connection pool for all
> > children?
> >
> > sorry for the long email and thank you in advance for any answer.
> >
> > George
> >
> >
> >
> >
> >
> > Disclaimer
> > The information in this e-mail and any attachments is
> confidential. It is intended solely for the attention and use
> of the named addressee(s). If you are not the intended
> recipient, or person responsible for delivering this
> information to the intended recipient, please notify the
> sender immediately. Unless you are the intended recipient or
> his/her representative you are not authorized to, and must
> not, read, copy, distribute, use or retain this message or
> any part of it. E-mail transmission cannot be guaranteed to
> be secure or error-free as information could be intercepted,
> corrupted, lost, destroyed, arrive late or incomplete, or
> contain viruses.
> >
> >
> >
> >
> >
> ----------------------------------------------------------------------
> > --
> >
> > _______________________________________________
> > Users mailing list
> > Users(a)openser.org
> > http://openser.org/cgi-bin/mailman/listinfo/users
>
>
> --
> Klaus Darilion
> nic.at
>
>
